def test_error_raised_when_public_key_file_exists_no_permissions(self): # Create public key file with no read or write access public_key_path = self._create_new_temp_key_file(self.public_key) os.chmod(public_key_path, 0o000) # Check that CLIError exception is raised when generate_ssh_keys is called. with self.assertRaises(CLIError): generate_ssh_keys("", public_key_path)
def test_error_raised_when_private_key_file_exists_encrypted(self): # Create empty private key file private_key_path = self._create_new_temp_key_file("") # Write encrypted / passworded key into file self.key.write_private_key_file(private_key_path, password="******") # Check that CLIError exception is raised when generate_ssh_keys is called. with self.assertRaises(CLIError): public_key_path = private_key_path + ".pub" generate_ssh_keys(private_key_path, public_key_path)
def test_error_raised_when_private_key_file_exists_encrypted(self): # Create empty private key file private_key_path = self._create_new_temp_key_file("") # Write encrypted key into file self.key.write_private_key_file(private_key_path, "test") # Check that CLIError exception is raised when generate_ssh_keys is called. with self.assertRaises(CLIError): public_key_path = private_key_path + ".pub" generate_ssh_keys(private_key_path, public_key_path)
def _generate_ssh_keys(): """Generates ssh keys pair""" private_key_path = os.path.join(os.path.expanduser('~'), '.ssh', 'id_rsa') public_key_path = os.path.join(os.path.expanduser('~'), '.ssh', 'id_rsa.pub') if os.path.exists(private_key_path) and os.path.exists(public_key_path): logger.warning('Reusing existing ssh public key from ~/.ssh') return if os.path.exists(private_key_path): logger.warning('SSH private key id_rsa exists but public key is missing. Please export the public key.') return keys.generate_ssh_keys(private_key_path, public_key_path) logger.warning('SSH key files id_rsa and id_rsa.pub have been generated under ~/.ssh to allow SSH access to the ' 'nodes. If using machines without permanent storage, back up your keys to a safe location.')
def test_error_raised_when_private_key_file_exists_IOError(self): # Create private key file private_key_path = self._create_new_temp_key_file(self.private_key) with mock.patch('paramiko.RSAKey') as mocked_RSAKey: # mock failed RSAKey generation mocked_RSAKey.side_effect = IOError("Mocked IOError") # assert that CLIError raised when generate_ssh_keys is called with self.assertRaises(CLIError): public_key_path = private_key_path + ".pub" generate_ssh_keys(private_key_path, public_key_path) # assert that CLIError raised because of attempt to generate key from private key file. mocked_RSAKey.assert_called_once_with(filename=private_key_path)
def test_error_raised_when_private_key_file_exists_IOError(self): # Create private key file private_key_path = self._create_new_temp_key_file(self.private_key) with mock.patch('paramiko.RSAKey') as mocked_RSAKey: # mock failed RSAKey generation mocked_RSAKey.side_effect = IOError("Mocked IOError") # assert that CLIError raised when generate_ssh_keys is called with self.assertRaises(CLIError): public_key_path = private_key_path + ".pub" generate_ssh_keys(private_key_path, public_key_path) # assert that CLIError raised because of attempt to generate key from private key file. mocked_RSAKey.assert_called_once_with(filename=private_key_path)
def test_error_raised_when_public_key_file_exists_IOError(self): # Create public key file public_key_path = self._create_new_temp_key_file(self.public_key) with mock.patch('azure.cli.core.keys.open') as mocked_open: # mock failed call to read mocked_f = mocked_open.return_value.__enter__.return_value mocked_f.read = mock.MagicMock(side_effect=IOError("Mocked IOError")) # assert that CLIError raised when generate_ssh_keys is called with self.assertRaises(CLIError): generate_ssh_keys("", public_key_path) # assert that CLIError raised because of attempt to read public key file. mocked_open.assert_called_once_with(public_key_path, 'r') mocked_f.read.assert_called_once()
def validate_ssh_key(namespace): if hasattr(namespace, 'no_ssh_key') and namespace.no_ssh_key: return string_or_file = (namespace.ssh_key_value or os.path.join( os.path.expanduser('~'), '.ssh', 'id_rsa.pub')) content = string_or_file if os.path.exists(string_or_file): logger.info('Use existing SSH public key file: %s', string_or_file) with open(string_or_file, 'r') as f: content = f.read() elif not keys.is_valid_ssh_rsa_public_key(content): if namespace.generate_ssh_keys: # figure out appropriate file names: # 'base_name'(with private keys), and 'base_name.pub'(with public keys) public_key_filepath = string_or_file if public_key_filepath[-4:].lower() == '.pub': private_key_filepath = public_key_filepath[:-4] else: private_key_filepath = public_key_filepath + '.private' content = keys.generate_ssh_keys(private_key_filepath, public_key_filepath) logger.warning( "SSH key files '%s' and '%s' have been generated under ~/.ssh to " "allow SSH access to the VM. If using machines without " "permanent storage like Azure Cloud Shell without an attached " "file share, back up your keys to a safe location", private_key_filepath, public_key_filepath) else: raise CLIError( 'An RSA key file or key value must be supplied to SSH Key Value. ' 'You can use --generate-ssh-keys to let CLI generate one for you' ) namespace.ssh_key_value = content
def validate_ssh_key(namespace): string_or_file = (namespace.ssh_key_value or os.path.join(os.path.expanduser('~'), '.ssh', 'id_rsa.pub')) content = string_or_file if os.path.exists(string_or_file): logger.info('Use existing SSH public key file: %s', string_or_file) with open(string_or_file, 'r') as f: content = f.read() elif not keys.is_valid_ssh_rsa_public_key(content): if namespace.generate_ssh_keys: # figure out appropriate file names: # 'base_name'(with private keys), and 'base_name.pub'(with public keys) public_key_filepath = string_or_file if public_key_filepath[-4:].lower() == '.pub': private_key_filepath = public_key_filepath[:-4] else: private_key_filepath = public_key_filepath + '.private' content = keys.generate_ssh_keys(private_key_filepath, public_key_filepath) logger.warning("SSH key files '%s' and '%s' have been generated under ~/.ssh to " "allow SSH access to the VM. If using machines without " "permanent storage, back up your keys to a safe location.", private_key_filepath, public_key_filepath) else: raise CLIError('An RSA key file or key value must be supplied to SSH Key Value. ' 'You can use --generate-ssh-keys to let CLI generate one for you') namespace.ssh_key_value = content
def test_error_raised_when_public_key_file_exists_IOError(self): # Create public key file public_key_path = self._create_new_temp_key_file(self.public_key) with mock.patch('azure.cli.core.keys.open') as mocked_open: # mock failed call to read mocked_f = mocked_open.return_value.__enter__.return_value mocked_f.read = mock.MagicMock( side_effect=IOError("Mocked IOError")) # assert that CLIError raised when generate_ssh_keys is called with self.assertRaises(CLIError): generate_ssh_keys("", public_key_path) # assert that CLIError raised because of attempt to read public key file. mocked_open.assert_called_once_with(public_key_path, 'r') mocked_f.read.assert_called_once()
def test_generate_public_key_file_from_existing_private_key_files(self): # Create private key file private_key_path = self._create_new_temp_key_file(self.private_key) # Call generate_ssh_keys and assert that returned public key same as original public_key_path = private_key_path + ".pub" new_public_key = generate_ssh_keys(private_key_path, public_key_path) self.assertEqual(self.public_key, new_public_key) # Check that correct public key file has been created with open(public_key_path, 'r') as f: public_key = f.read() self.assertEqual(self.public_key, public_key) # Check that private key file contents unchanged with open(private_key_path, 'r') as f: private_key = f.read() self.assertEqual(self.private_key, private_key)
def test_generate_public_key_file_from_existing_private_key_files(self): # Create private key file private_key_path = self._create_new_temp_key_file(self.private_key) # Call generate_ssh_keys and assert that returned public key same as original public_key_path = private_key_path + ".pub" new_public_key = generate_ssh_keys(private_key_path, public_key_path) self.assertEqual(self.public_key, new_public_key) # Check that correct public key file has been created with open(public_key_path, 'r') as f: public_key = f.read() self.assertEqual(self.public_key, public_key) # Check that private key file contents unchanged with open(private_key_path, 'r') as f: private_key = f.read() self.assertEqual(self.private_key, private_key)
def test_when_public_key_file_exists(self): # Create public key file public_key_path = self._create_new_temp_key_file(self.public_key, suffix=".pub") # Create private key file private_key_path = self._create_new_temp_key_file(self.private_key) # Call generate_ssh_keys and assert that returned public key same as original new_public_key = generate_ssh_keys("", public_key_path) self.assertEqual(self.public_key, new_public_key) # Check that private and public key file contents unchanged. with open(public_key_path, 'r') as f: new_public_key = f.read() self.assertEqual(self.public_key, new_public_key) with open(private_key_path, 'r') as f: new_private_key = f.read() self.assertEqual(self.private_key, new_private_key)
def test_generate_new_private_public_key_files(self): # create random temp file name f = tempfile.NamedTemporaryFile(mode='w', dir=self._tempdirName) f.close() private_key_path = f.name # Call generate_ssh_keys and assert that returned public key same as original public_key_path = private_key_path + ".pub" new_public_key = generate_ssh_keys(private_key_path, public_key_path) # Check that public key returned is same as public key in public key path with open(public_key_path, 'r') as f: public_key = f.read() self.assertEqual(public_key, new_public_key) # Check that public key corresponds to private key with open(private_key_path, 'r') as f: key = paramiko.RSAKey(filename=private_key_path) public_key = '{} {}'.format(key.get_name(), key.get_base64()) self.assertEqual(public_key, new_public_key)
def test_when_public_key_file_exists(self): # Create public key file public_key_path = self._create_new_temp_key_file(self.public_key, suffix=".pub") # Create private key file private_key_path = self._create_new_temp_key_file(self.private_key) # Call generate_ssh_keys and assert that returned public key same as original new_public_key = generate_ssh_keys("", public_key_path) self.assertEqual(self.public_key, new_public_key) # Check that private and public key file contents unchanged. with open(public_key_path, 'r') as f: new_public_key = f.read() self.assertEqual(self.public_key, new_public_key) with open(private_key_path, 'r') as f: new_private_key = f.read() self.assertEqual(self.private_key, new_private_key)
def test_generate_new_private_public_key_files(self): # create random temp file name f = tempfile.NamedTemporaryFile(mode='w', dir=self._tempdirName) f.close() private_key_path = f.name # Call generate_ssh_keys and assert that returned public key same as original public_key_path = private_key_path + ".pub" new_public_key = generate_ssh_keys(private_key_path, public_key_path) # Check that public key returned is same as public key in public key path with open(public_key_path, 'r') as f: public_key = f.read() self.assertEqual(public_key, new_public_key) # Check that public key corresponds to private key with open(private_key_path, 'r') as f: key = paramiko.RSAKey(filename=private_key_path) public_key = '{} {}'.format(key.get_name(), key.get_base64()) self.assertEqual(public_key, new_public_key)
def _handle_container_ssh_file(**kwargs): if kwargs['command'] != 'acs create': return args = kwargs['args'] string_or_file = args.ssh_key_value content = string_or_file if os.path.exists(string_or_file): logger.info('Use existing SSH public key file: %s', string_or_file) with open(string_or_file, 'r') as f: content = f.read() elif not is_valid_ssh_rsa_public_key(content) and args.generate_ssh_keys: # figure out appropriate file names: # 'base_name'(with private keys), and 'base_name.pub'(with public keys) public_key_filepath = string_or_file if public_key_filepath[-4:].lower() == '.pub': private_key_filepath = public_key_filepath[:-4] else: private_key_filepath = public_key_filepath + '.private' content = generate_ssh_keys(private_key_filepath, public_key_filepath) logger.warning('Created SSH key files: %s,%s', private_key_filepath, public_key_filepath) args.ssh_key_value = content